Privacy Policy

1. Introduction

Marsin, operated by INSIDEA ("we," "our," or "us"), is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI marketing platform and related services.

2. Information We Collect

Account Information: When you create an account, we collect your name, email address, organization name, and password (stored as a secure hash).

Usage Data: We collect information about how you interact with our platform, including agent runs, task inputs and outputs, token usage, and feature engagement.

Integration Data: When you connect third-party services (such as HubSpot, Gmail, or Slack), we store encrypted OAuth tokens and access data necessary to operate those integrations on your behalf.

Knowledge Base: Files you upload for RAG (retrieval-augmented generation) are stored securely and processed to generate embeddings for AI-assisted search and responses.

3. How We Use Your Information

We use your information to provide, maintain, and improve the Marsin platform; to execute AI agent tasks on your behalf; to process payments and manage your subscription; to send transactional communications (such as password resets and billing notices); and to monitor platform health and prevent abuse.

4. Data Security

We implement industry-standard security measures including AES-256-GCM encryption for stored integration tokens, bcrypt password hashing, secure HTTP-only cookies for session management, and database-backed rate limiting to prevent abuse. All data is transmitted over TLS/HTTPS.

5. Third-Party Services

We use trusted third-party providers to operate our platform: OpenAI for AI model inference, Stripe for payment processing, Vercel for hosting, and Supabase (PostgreSQL) for data storage. Each provider is bound by their own privacy policies and our data processing agreements.

6. Data Retention

We retain your account data for as long as your account is active. Agent run logs are retained for 90 days by default. You may request deletion of your data at any time by contacting us at privacy@insidea.com. Upon account deletion, we will remove your personal data within 30 days, except where retention is required by law.

7. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, or delete your personal data; to object to or restrict certain processing; to data portability; and to withdraw consent where processing is based on consent. To exercise these rights, contact us at privacy@insidea.com.

8. Cookies

Marsin uses essential cookies for authentication and session management. We do not use advertising or tracking cookies. Our authentication cookie ("insidea_access") is HTTP-only and secure, used solely to maintain your logged-in session.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date.

10. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at: privacy@insidea.com